Re: [openssl.org #2875] Limited rsa keysize

2012-09-12 Thread Daniel Marschall via RT
Thanks for your reply! Ok, this is an understandable reason. But I still think this is an issue because the error message (''keys do not match'') is very misleading and does not point to the actual problem - the intentionally limitation. There should be an error message which describes that thi

[openssl.org #2875] Limited rsa keysize

2012-09-12 Thread Daniel Marschall via RT
Hello, I found out that the rsa keysize is limited. Here is my script: http://www.viathinksoft.de/~daniel-marschall/asn.1/rsa-keysize-check/openssl_rsa32768_bug/ I cannot create a 32768 bits certificate which I want to create as test certificate to find limits in the implementations of x509 parse

Re: [openssl.org #2556] 3 bugs for OID encoding/decoding

2011-07-14 Thread Daniel Marschall via RT
Hallo, Am 14.07.2011 14:07, schrieb Stephen Henson via RT: > Couldn't actually reproduce a crash but it did produce invalid > encoding for this case. The AppCrash is only appearing at Windows (tested with WinServer 2008 R2) due to the overflow. But the bug is now fixed. > Anyway #2 and #3 shoul

Re: [openssl.org #2556] 3 bugs for OID encoding/decoding

2011-07-12 Thread Daniel Marschall via RT
Some addendum, please have a look at https://www.viathinksoft.de/~daniel-marschall/asn.1/oid_facts.html , section 5.7 . There is another bug presented, where OpenSSL does not check illegally padded 0x80 OIDs for correctness

[openssl.org #2556] 3 bugs for OID encoding/decoding

2011-07-06 Thread Daniel Marschall via RT
Hello, I hope it is OK when I submit 3 small bug reports in 1 request. I am using OpenSSL 0.9.8o 01 Jun 2010 (latest stable for Debian Squeeze) #1 (a) - OpenSSL displays ("-noout -text") root-arcs wrong OpenSSL displays the following OIDs as: 0.0 = itu-t 1.0 = iso 2.0 = joint-iso-itu-t This

Re: [openssl.org #2542] AutoReply: BUG: OID values near 32-Bit border are encoded wrong

2011-06-20 Thread Daniel Marschall via RT
Small addendum: OID value 4294967295 (2^32-1) encodes correctly, The values 4294967296 (2^32)until 4294967299 (2^32+3)encode into 0 until 3. The value 4294967300 (2^32 + 4) encodes correctly again! (Probably here the program turns too late into the arbitrary-number mode?) Regards Daniel Marsch

[openssl.org #2542] BUG: OID values near 32-Bit border are encoded wrong

2011-06-20 Thread Daniel Marschall via RT
Hello, I have a bug report for OpenSSL 0.9.8o 01 Jun 2010 (latest stable for Debian Squeeze) OpenSSL has problems encoding OIDs which are at the border of 32 bit range. I tested encoding several OIDs in the "new_oids" section to generate attributes. - OpenSSL encodes the OID 2.999.4294967295